Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Cisco Support Community site will be in read only mode on Dec14, 2017 from 12:01am PST to 11:30am for standard maintenance. Sorry for the inconvenience.

New Member

VPN configuration site to site

Dear All,

1. We plan to create a Site to site vpn tunnel between another company and our head office. they are having the same Lan network range as ours. both location are being using the same network. Now its not advise to change the IP in any location. is there any way i can configure the site-site vpn and establish the connectivity?

2. Also plan to configure the client to site VPN (Remote access Vpn) tunnel authentication through Certificates. we have an internal Windows server which is configured as certifictae server.we can download CA certificates from it. but this server is not been natted to public ip.can i use this server for remote access vpn ? for remote access vpn the certificate server should be available in the net or it can be in the internal network. do we need to install the certificate in PIX ?

Please help me to configure the same.

Thanks

2 REPLIES

Re: VPN configuration site to site

Re: VPN configuration site to site

1. Yes you can do this be employing NAT for the overlapping space, please have a look at:

http://supportwiki.cisco.com/ViewWiki/index.php/PIX/ASA_7.x_and_later:_Site_to_Site_(L2L)_IPsec_VPN_with_Policy_NAT_(Overlapping_Private_Networks)_Configuration_Example

(Copy the whole URL above, as the forum is breaking the link)

2. The certificates can be generated and installed on the endpoints without requiring that you publish you CA server over the internet (NAT). However if you want to do SCEP enrollment etc. over the internet you need to open it up. This all depends on your security policy, have a look at this link for configuration assitance:

http://www.cisco.com/en/US/customer/products/ps6120/products_configuration_example09186a0080930f21.shtml

Regards

Farrukh

582
Views
5
Helpful
2
Replies
CreatePlease to create content